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Testing of claims : 



1 . (Currently amended) A computer- implemented method for maintaining 

configuration information on a mobile device, comprising: 

receiving a m-~ r identifieS the source , of ^ 

, hfl n p M tn setting »f tt,P mnhile device: in c lu d e a roqocnt nr n m ntn d with configuration 

information stored oh tho mobile dovioe; - 

i^rif yintr. hv a nosh router of the m o hil* device, the source of the received message, 
w herein the mish muter associa t e « security role with the received message based on the 
identified sourrp of the receive^ message and i nserts an i den tifier into the received message to 
identify the associated security role: 

passing the message to a co nfiguration manager; 

raTT ,in p hv the configuration manager, t h e message to identify at least one configuratio n 
service nrovid^ »mnnp a nlu r *litv reconfiguration service providers, responsible for the 
settings identified in the message; 

^rermining whether the assigned s e curity role of the message, assigned by the push 
router, is sufficient to invok* the identifi ed configuration service provider; 

failing the transaction when the ass igned security role of the message is not sufficient; 

pacin g the message to the configura t ion service provider when the assigned security role 
nf the message is sufficient. wh« *in the identified configuration security provider determines 
whether the a li gned security role of the m essage is sufficient for settings associated with the 
configuration service provider; 

failin g the transaction when the assigned securi t y role of the message is insufficient for 
the settings: and 

performing the ch an ges to the settings of th e mobile device when the configuration 
se rvice provider determines that the s e curity ro i e of the message is sufficient. 

identifying tho gourcc of the roooivcd message from data asso c ia t ed with the rocoivgd 
moGoage; 

appel ating a cccn ri t y rnlr ™^""^ mn^ . nge horA i d on the identified souroc of tho 

received m e ssage; 

inoorting an identifior into tho received message to id e ntify the associated security role; 
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g guumuu^l I ficiirntia u. uuii n . ■< ill.... Il fi^n t in, mfe naa^ 

affected by Qie tooeiv n dmoosage t 

iM jSiISi^^ ^ u " n ,| 1 ii1p * m ™ nnd 

STroquesl-u^ uoiuled wi lli il fimimtinn informnti Bfe 

2. (Cancelled) 

3. (Previously presented) The computer-implemented method of claim 1, wherein 
the source of the message is identified from authentication and decryption of the received 



message 
4 



(Currently amended) The computer-implemented method of claim 1, wherein the 
Muimaftm within the message includes a shared key that identifies the source of the message. 

5. (Currently amended) The computer-implemented method of claim 1, wherein 
jfl—^n. ****** the «tf rH ~™tv role of the message, assign by the push rou^, is 

favnto the iden ^ ^nfTonration service provider further rompri^ comparing the 
,^ r ^ ^iritv role of th r m an assign security role of the co^fipuration service 

BI ovider, ^uto aing the nq uu.1 u MQcia tnrt with O il oonflg unric m iuh iii mi ui i fm thr r rn mp ri- w 

eeiiip ai iii tt 0* secu ri ty ™ 1 l " i lIt flno<h or ^ C U l ity pri ^ lQgC n - r ' ut ia lUl1 w 1 " nnfi C" rnti nT 1 
b u » ul piu > i dor, t hn ruufiii maiiQn ^rvio i pi emder be i ng r n T ou, iUo for managi n c t he 
configuration information stored on ui u mobile dev ion 

6-7. (Cancelled) 

8. (Currently amended) A computer-readable medium having computer-executable 
components for managing security on a mobile device, comprising: 

a stored setting having an assigned security role that identifies a privilege that an entity 
attempting to access the stored setting must satisfy in order to access the stored setting, 
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a router configured to receive a configuration message over a wireless coimnunication 
link the router being^rther configured to identify a source of the configuration 
irfertTicurir/^ mto the received configuration message based on the identified 

Se uteSe^being further configured to pass the configuration message to other 

ss^^V^ device ' * message inciudin8 311 mstruction * 

a configuration setting; end 

a configuration manager configured to receive the configuration message from the router 
and to parse the configuration message to identify a confl ation service provider ^nsib jg 
" r hSL*"« , w win th. config u™^ n^ w nasses the configuration message to the 

j ^viL » nrivilese h! ^ th. configu ration service prov^^^ ^ q^^f?? 

^to^^ rol* n f rtm o vu l ation * -.u ur j ly rol ir n.m f jind t o 

configuration pcttingo otorcd on the mobile doviec, 

w l i au in if the configu r ation sotting iden t ified in the configuration moooago idontifios fee 

uu i u l netting, and wherein if the wftbju u l noomity t o I p . baa «fi^Pri vll< ^»S G ^lS!l 
.tolc d setting; thV uul ^tion rm nngu coudm ■ fho matn iu d u u d m affect: rim rr rn figintinwi 

setting to bo proooos e d. 

thP .nnfi pnration service provide hdne cu nfipiireri to receive the configuration message 
ftnm the configuration manager, determine whether the assigned secunty role of the 
mnfip„mion m^^ ha* sufficie nt pri vi lege to access the stored settings, and ^nte th e 
.Jill when ^ ^figuration serv ice pro v ider determ ine that the assigned secunty role , 
has suffici ent privilege to access the st° red setting. 

9. (Currently amended) The computer-readable medium of claim 8, further 
comprising a wherein the configuration service provider is_configured to manage at least one 
configuration setting stored on the mobile device, and wherein the processing of the instruction 
is performed by the configuration service provider. 

1 0. (Original) The computer-readable medium of claim 9, wherein the configuration 
service provider has an assigned security role that identifies a privilege that must be associated 
with an instruction that affects a configuration setting which the configuration service provider 



maintains. 

1 1 . (Original) The computer-readable medium of claim 10, wherein the configuration 
manager is further configured to determine if the instruction that affects the configuration setting 
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is in agreement with the security role assigned to the configuration service provider that 
maintains the affected configuration setting, and if so, the configuration manager is further 
configured to pass the instruction to the configuration service provider to be handled. 

12. (Original) The computer-readable medium of claim 11, wherein the configuration 
service provider determines if the instruction is in agreement with the security role assigned to 
the stored setting prior to processing the instruction, and if not, terminating the processing of the 
instruction. 

13. (Currendy amended) A computer-readable medium having computer-executable 
instructions for maintaining configuration information on a mobile device, comprising: 

divine a confi p»™ti™ messag e wherein the confutation message includes a header 
K.1H thaTTo^ffe » «mm» ™d an m o tion field that identifies a configuration setting on the 
mnhile device: 

identifying, bv a push router o f the mobile device, the source of the recejve4 
^* r ^r> ^ aPe from th* header field, wherein the push router inserts a " * 

^ tifW into a security ™* "f > ~" ved configuration message, wherein, the security 
mle is based on the identified source of the r eceived configuration message; 

passin g the configiration messa ge to a confiruration manager; 

r ^ing hv the configuration manage r , the configuration message to identify at least one 
onnfi piiration service provider, among b plurality of confi guration service providers, responsible 
for the setting identified in the configu ration message: 

^,^nin p whether the ins erted security role identifier of the configuration message, 
flCg j pnsri hv the nush router, is suffic i ent to invoke the identified configuration service provider; 

feiimp the transaction whe n the inserted s e curity role identifier of the configuration 
messag e is not sufficient: 

rag ri™ the message to the configur ation service provider when the inserted security role 
iHenrifi^Tdinonfi^^tion message is sufficient, w herein t h e id enti fied co r.fi juration security 
p^idpr determines whether the insert e d security role identifier of the confirm-™ on message is 
sufficient for the setting associated wi th the configuration service provider; 

feilin p the transaction when the in serted security role identifier of the configuration 
messa ge is insufficient for the setting: and 
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^ the changes in thr -rttinr " f th » Hevice wh ™ thf * ^ nfipiiration servi ° g 

sufficient 

rese da cumulati on m r ^ eluding 0 hea d u a ud ou u^ ^tin t i. ^ oci at o d with a 
co nfiguration s elli ng Qtor od o n the mobilo derw es 

Ml um jiiift J n fT hnrPPri ^duu „i C nf T nn, tU,U t a dui nf thn rnrn iv ed 

eonfiguration message; 



u i y role with the, im Q uotion b nin d on tho source of the rocoived 



th e moosag e* 

um u i o i im d m Ji ■ -1 1i > mln nf t he i i u u u ot i u i . wi t h i -cu m in i u 1 . ■■ ■ ■ nnintnrl ^it h the 
^figuration actting stored on tho mobilo dovice; a a d 

tf - a i c^uii u iu k ci ft hrin ^a u a u iibin - ic rno ui ui l^ ia i ll -nrit yT nln n f the 

configuratioit so tt ing, prooc^ U ig tho instrn n r ion 

14. (Cancelled) 

15 (Previously presented) The computer-readable medium of claim 13, wherein the 
source of the message is identified from authentication and decryption of the received message. 

16. (Currently amended) The computer-readable medium of claim 13, wherein the 
information within the configuration message includes a shared key that identifies the source of 
the configuration message. 

17. (Currently amended) The computer-readable medium of claim 13, wherein 
HMPrnnnimi whetW i^ed secur e ~** identifier of thr ronfipnminn message, assign ed 
hy rh - r „y> ,^r„ ic .nffident to in ^ tto identified mnfipiifflrioo service provider further 
^m pri^ comnar ^ Verted securit y role identifier o f the ronfi pntation message to an . ^ 
a. ^ned security ™1« of the confi f™^™ ^ice provider, whuiuill V^l^L ^ in«ion 
e eiiipu acD comp ni m die ncn . riry r ulu u f Uic ipg mirtinu iOi anothor se cur ity rolo m r ** *i 



queries of and change i u dio configuration getting, 
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18-28 (Cancelled) 
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